avoid clobbering existing env

This is necessary on windows, ssh couldn't resolve hostnames without env
for whatever reason.
This commit is contained in:
Joey Hess 2014-05-14 16:17:30 -04:00
parent 740de08461
commit a11176bab3
2 changed files with 19 additions and 3 deletions

View file

@ -53,3 +53,17 @@ prompt the user for it before running ssh and the ssh-askpass shim.
This avoids some complexity, and perhaps some attack vectors,
if the shim cannot requst an arbitrary password prompt.
(This complexity not needed with the temp file approach..)
### TODO
* Does not work on Windows; ssh still prompts in the terminal for the
password.
* test on OSX
* test on Android
* enabling rsync repositories needs to prompt for password; currently
broken
* test gcrypt repositories (creation of new and enabling)
* If the user is slow, the cached ssh key can exire before they finish.
Currently this results in ssh being given no password, and failing.
Either avoid time-based expiry (manually expiring when done, and how
to detect if they gave up?) or notice this and give a sensible error.